From d56211bd6237ba2b43e425aedfb9e22f0be0eb2d Mon Sep 17 00:00:00 2001
From: chengyechun
Date: Mon, 30 Oct 2023 17:10:53 +0800
Subject: [PATCH] fix CVE-2023-31122
---
 ...ort-CVE-2023-31122-out-of-bound-Read.patch | 28 +++++++++++++++++++
 httpd.spec | 11 ++++++--
 2 files changed, 37 insertions(+), 2 deletions(-)
 create mode 100644 backport-CVE-2023-31122-out-of-bound-Read.patch
diff --git a/backport-CVE-2023-31122-out-of-bound-Read.patch b/backport-CVE-2023-31122-out-of-bound-Read.patch
new file mode 100644
index 0000000..aebeaeb
--- /dev/null
+++ b/backport-CVE-2023-31122-out-of-bound-Read.patch
@@ -0,0 +1,28 @@
+From c41eb3b14a3d1eb2e3c42c4728cc52a22748851a Mon Sep 17 00:00:00 2001
+From: Stefan Eissing
+Date: Mon, 16 Oct 2023 06:39:44 +0000
+Subject: [PATCH] mod_macro: out of bounds Read
+
+Conflict:NA
+Reference:https://github.com/apache/httpd/commit/c41eb3b14a3d1eb2e3c42c4728cc52a22748851a
+
+---
+ modules/core/mod_macro.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/modules/core/mod_macro.c b/modules/core/mod_macro.c
+index 04af43b..cc42d0b 100644
+--- a/modules/core/mod_macro.c
++++ b/modules/core/mod_macro.c
+@@ -465,7 +465,7 @@ static const char *process_content(apr_pool_t * pool,
+ for (i = 0; i < contents->nelts; i++) {
+ const char *errmsg;
+ /* copy the line and substitute macro parameters */
+- strncpy(line, ((char **) contents->elts)[i], MAX_STRING_LEN - 1);
++ apr_cpystrn(line, ((char **) contents->elts)[i], MAX_STRING_LEN);
+ errmsg = substitute_macro_args(line, MAX_STRING_LEN,
+ macro, replacements, used);
+ if (errmsg) {
+-- 
+2.23.0
+
diff --git a/httpd.spec b/httpd.spec
index 6c2e56b..8711a43 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -8,7 +8,7 @@
 Name: httpd
 Summary: Apache HTTP Server
 Version: 2.4.51
-Release: 18
+Release: 19
 License: ASL 2.0
 URL: https://httpd.apache.org/
 Source0: https://archive.apache.org/dist/httpd/httpd-%{version}.tar.bz2
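Review bot: The backported `apr_cpystrn(line, ..., MAX_STRING_LEN)` call in process_content() guarantees NUL termination, but a content line of MAX_STRING_LEN bytes or more is still cut short silently and then handed to substitute_macro_args() as if it were complete. Whether such a line can reach this loop depends on how `contents` is filled, which is outside the hunk, so this is worth confirming rather than assuming. If it can, rejecting the line is safer than parsing a shortened directive, since a truncated configuration line may still be syntactically valid with a different meaning. At minimum the copy deserves a comment recording the intent, for example `/* apr_cpystrn() always NUL-terminates; lines >= MAX_STRING_LEN are truncated */`. The body of process_content() starts and ends outside the hunk, so the error-return convention for a rejection path would need checking against the rest of the function.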
@@ -109,6 +109,7 @@ Patch55: backport-do-not-match-the-extention-against-possible-query-str Patch56: backport-Do-not-double-encode-encoded-slashes.patch Patch57: backport-Check-before-forwarding-that-a-nocanon-path-has-not-been-rewritten.patch Patch58: backport-fix-memory-leak-in-calc_sha256_hash.patch +Patch59: backport-CVE-2023-31122-out-of-bound-Read.patch BuildRequires: gcc autoconf pkgconfig findutils xmlto perl-interpreter perl-generators systemd-devel BuildRequires: zlib-devel libselinux-devel lua-devel brotli-devel @@ -545,11 +546,17 @@ exit $rv %{_rpmconfigdir}/macros.d/macros.httpd %changelog +* Mon Oct 30 2023 chengyechun - 2.4.51-19 +- Type:CVE +- ID:CVE-2023-31122 +- SUG:NA +- DESC:fix CVE-2023-31122 mod_macro buffer over-read + * Mon Aug 14 2023 chengyechun - 2.4.51-18 - Type:bugfix - ID:NA - SUG:NA -- DESCfix memory leak in calc_sha256_hash +- DESC:fix memory leak in calc_sha256_hash * Sun Jun 25 2023 zhanghao - 2.4.51-17 - Type:bugfix -- Gitee